Re: [Openvpn-users] OpenVPN security question

bart wrote:
>
> Hi David,
>
> 1) When I do IPCONFIG/ALL, I see three headings with information:
>
> Windows 2000 IP Configuration
> Ethernet adaptor openvpn
> Ethernet adaptor Local Area Connection
>
> If I have openvpn connected, then there is more information contained under the
> middle heading ("Ethernet adaptor openvpn"). This information is in the form of
> IP addresses.
>
>
Does the "Ethernet adaptor openvpn" list a value for "Default gateway"?
You mentioned before that whatismyip reported the same value regardless
of whether or not you are connected, so I suspect you aren't using the
vpn as a default gateway.

> 2) When I do nslookup www.google.com without openvpn, I can see that my ISP for
> my home internet connection is listed after "Server:"
>
> If I connect to openvpn and do the same thing, I can then see that a server from
> work is listed after "Server:"
>
>
But based on this you are using your work's name server.

> So I take it that this means that my employer has a record of every web page
> that have I viewed using my browser on my home PC whenever openvpn was
> connected. They never informed me of this, but I will be careful in the future.
>
> One more question: will the logs clearly show that I accessed these pages from
> my home PC, and not while physically on company premises?
>
> Thanks
>
>
>
When you connect to a website there are two stages. Say I want to go to
http://openvpn.net/download.html. First of all I connect to my name
server and ask for the IP of openvpn.net (216.218.242.2). I then make an
outbound connection to that IP on port 80 and send "GET /download.html".
If I look at other pages on openvpn.net I can skip the first step
because I already know the IP address.

The procedure is similar for other types of connection.

So your employer can see that you are looking up openvpn.net but they
can't see what you are doing with that information. You might be
browsing the web, connecting to a Quake match, testing your connection
with ping or just poking around with nslookup.

If they were your default gateway then they would be able to see (and
possibly intercept) the second stage (the port 80 connection) and from
that they could figure out what you were doing exactly.

Unless they are specifically trying to find out what you are doing at
home, they are unlikely to go digging through DNS logs; logging at the
gateway is much simpler.

Michael Heydon - IT Administrator
michaelh@xxxxxxxxxxxxx
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users
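
The two stages described in the reply above (name lookup, then the connection itself) can be checked against a routing table to see which of them crosses the VPN. The following is an added example, not part of the original message: the route tables, interface names and the 10.x addresses are constructed, and the full-tunnel case assumes the two half-default routes that OpenVPN's `redirect-gateway def1` option installs.

```python
import ipaddress

# Constructed sample routing tables: (destination prefix, interface, metric).
# Interface names and 10.x/192.168.x addresses are illustrative assumptions.
SPLIT_TUNNEL = [
    ("0.0.0.0/0", "lan", 10),        # default route via the home ISP
    ("192.168.1.0/24", "lan", 10),   # home LAN
    ("10.8.0.0/24", "vpn", 1),       # OpenVPN tunnel subnet
    ("10.20.0.0/16", "vpn", 1),      # work network reachable through the VPN
]
FULL_TUNNEL = SPLIT_TUNNEL + [
    ("0.0.0.0/1", "vpn", 1),         # two half-default routes override
    ("128.0.0.0/1", "vpn", 1),       # 0.0.0.0/0 by being more specific
]

def egress(routes, ip):
    """Return the interface chosen by longest-prefix match, then lowest metric."""
    addr = ipaddress.ip_address(ip)
    best = None
    for prefix, iface, metric in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net:
            key = (net.prefixlen, -metric)
            if best is None or key > best[0]:
                best = (key, iface)
    if best is None:
        raise ValueError(f"no route to {ip}")
    return best[1]

def exposure(routes, dns_server, site_ip, vpn_iface="vpn"):
    """Report which of the two stages is routed through the VPN."""
    return {
        "dns_lookup_via_vpn": egress(routes, dns_server) == vpn_iface,
        "connection_via_vpn": egress(routes, site_ip) == vpn_iface,
    }

if __name__ == "__main__":
    work_dns, site = "10.20.0.53", "216.218.242.2"  # DNS address is constructed
    for name, table in (("split", SPLIT_TUNNEL), ("full", FULL_TUNNEL)):
        print(name, exposure(table, work_dns, site))
```

In the split-tunnel table only the lookup reaches the work network, which matches the situation in the thread; once the VPN becomes the default gateway, both stages do.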